CVE-2016-6313
Description
The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits.
Risk Information
Base Score
5.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
3.177
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2013-4402,CVE-2013-4576,CVE-2014-4617,CVE-2016-6313 are affected in GnuPG for windows 1.4.14 | Windows |
| GNU privacy guard - a free PGP replacement (USN-3064-1) gnupg_1.4.16-1ubuntu2.4_i386.deb | Linux |
| GNU privacy guard - a free PGP replacement (USN-3064-1) gnupg_1.4.16-1ubuntu2.4_amd64.deb | Linux |
| GNU privacy guard - a free PGP replacement (USN-3064-1) gnupg_1.4.20-1ubuntu3.1_i386.deb | Linux |
| GNU privacy guard - a free PGP replacement (USN-3064-1) gnupg_1.4.20-1ubuntu3.1_amd64.deb | Linux |
| GNU privacy guard - a free PGP replacement (USN-3064-1) gnupg_1.4.11-3ubuntu2.10_i386.deb | Linux |
| GNU privacy guard - a free PGP replacement (USN-3064-1) gnupg_1.4.11-3ubuntu2.10_amd64.deb | Linux |
| LGPL Crypto library (USN-3065-1) libgcrypt11_1.5.0-3ubuntu0.6_i386.deb | Linux |
| LGPL Crypto library (USN-3065-1) libgcrypt11_1.5.0-3ubuntu0.6_amd64.deb | Linux |
| libgcrypt20 security update(DSA-3650-1) libgcrypt20_1.6.3-2+deb8u2_i386.deb | Linux |
| libgcrypt20 security update(DSA-3650-1) libgcrypt20_1.6.3-2+deb8u2_amd64.deb | Linux |
| Libgcrypt security update (CESA-2016:2674) libgcrypt-1.4.5-12.el6_8.i686.rpm | Linux |
| Libgcrypt security update (CESA-2016:2674) libgcrypt-1.4.5-12.el6_8.x86_64.rpm | Linux |
| Libgcrypt security update (CESA-2016:2674) libgcrypt-devel-1.4.5-12.el6_8.i686.rpm | Linux |
| Libgcrypt security update (CESA-2016:2674) libgcrypt-devel-1.4.5-12.el6_8.x86_64.rpm | Linux |
| (RHSA-2016:2674) Moderate: libgcrypt security update libgcrypt-1.4.5-12.el6_8.i686.rpm | Linux |
| (RHSA-2016:2674) Moderate: libgcrypt security update libgcrypt-1.4.5-12.el6_8.x86_64.rpm | Linux |
| (RHSA-2016:2674) Moderate: libgcrypt security update libgcrypt-1.5.3-13.el7_3.1.i686.rpm | Linux |
| (RHSA-2016:2674) Moderate: libgcrypt security update libgcrypt-1.5.3-13.el7_3.1.x86_64.rpm | Linux |
| (RHSA-2016:2674) Moderate: libgcrypt security update libgcrypt-devel-1.4.5-12.el6_8.i686.rpm | Linux |
| (RHSA-2016:2674) Moderate: libgcrypt security update libgcrypt-devel-1.4.5-12.el6_8.x86_64.rpm | Linux |
| (RHSA-2016:2674) Moderate: libgcrypt security update libgcrypt-devel-1.5.3-13.el7_3.1.i686.rpm | Linux |
| (RHSA-2016:2674) Moderate: libgcrypt security update libgcrypt-devel-1.5.3-13.el7_3.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2345-1(SUSE Linux Enterprise Desktop 12-SP1 ) libgcrypt-debugsource-1.6.1-16.33.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2345-1(SUSE Linux Enterprise Desktop 12-SP1 ) libgcrypt20-1.6.1-16.33.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2345-1(SUSE Linux Enterprise Desktop 12-SP1 ) libgcrypt20-32bit-1.6.1-16.33.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2345-1(SUSE Linux Enterprise Desktop 12-SP1 ) libgcrypt20-debuginfo-1.6.1-16.33.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2345-1(SUSE Linux Enterprise Desktop 12-SP1 ) libgcrypt20-debuginfo-32bit-1.6.1-16.33.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2345-1(SUSE Linux Enterprise Server 12-SP1 ) libgcrypt20-hmac-1.6.1-16.33.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2345-1(SUSE Linux Enterprise Server 12-SP1 ) libgcrypt20-hmac-32bit-1.6.1-16.33.1.x86_64.rpm | Linux |
| Libgcrypt update (ELSA-2016-2674) libgcrypt-1.4.5-12.el6_8.x86_64.rpm | Linux |
| Libgcrypt-devel update (ELSA-2016-2674) libgcrypt-devel-1.4.5-12.el6_8.x86_64.rpm | Linux |
| Libgcrypt update (ELSA-2016-2674) libgcrypt-1.4.5-12.el6_8.i686.rpm | Linux |
| Libgcrypt-devel update (ELSA-2016-2674) libgcrypt-devel-1.4.5-12.el6_8.i686.rpm | Linux |
| Libgcrypt update (ELSA-2016-2674) libgcrypt-1.5.3-13.el7_3.1.x86_64.rpm | Linux |
| Libgcrypt-devel update (ELSA-2016-2674) libgcrypt-devel-1.5.3-13.el7_3.1.x86_64.rpm | Linux |
| Libgcrypt update (ELSA-2016-2674) libgcrypt-1.5.3-13.el7_3.1.i686.rpm | Linux |
| Libgcrypt-devel update (ELSA-2016-2674) libgcrypt-devel-1.5.3-13.el7_3.1.i686.rpm | Linux |
| (RHSA-2016:2674)Moderate: security update libgcrypt-debuginfo-1.5.3-13.el7_3.1.i686.rpm | Linux |
| (RHSA-2016:2674)Moderate: security update libgcrypt-debuginfo-1.5.3-13.el7_3.1.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234